Skip to content

Commit cf9afec

Browse files
thomasdhcclaude
andauthored
fix(deps): bump etcd 3.5.21->3.5.30 to clear grpc-go auth-bypass CVE (#2201)
* fix(deps): bump etcd 3.5.21->3.5.30 to clear grpc-go auth-bypass CVE Signed-off-by: Dong Hyuk Chang <9426164+thomasdhc@users.noreply.github.com> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(deps): bump etcd 3.5.30->3.5.32 to also clear x/net idna CVE Signed-off-by: Dong Hyuk Chang <9426164+thomasdhc@users.noreply.github.com> Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Signed-off-by: Dong Hyuk Chang <9426164+thomasdhc@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 6fe70d9 commit cf9afec

1 file changed

Lines changed: 4 additions & 4 deletions

File tree

docker/common/install_etcd_nats.sh

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,10 @@
1515

1616
set -xeuo pipefail
1717

18-
# Versions pinned to match upstream ai-dynamo/dynamo container/context.yaml,
19-
# so Dynamo-Curator integration runs the same etcd/nats-server binaries as
20-
# Dynamo's own runtime images.
21-
ETCD_VERSION=3.5.21
18+
# nats-server matches upstream ai-dynamo/dynamo container/context.yaml. etcd
19+
# leads Dynamo's pin (3.5.30) to the latest 3.5.x patch to clear the bundled
20+
# grpc-go + x/net CVEs; 3.5.x binaries stay wire-compatible with Dynamo.
21+
ETCD_VERSION=3.5.32
2222
NATS_VERSION=2.10.28
2323

2424
for i in "$@"; do

0 commit comments

Comments
 (0)